About the Upcoming 1.5 Release and Active TCP Proxying
2016-03-15 20:01:00

The next major release, 1.5, will be a big update which will include not only a lot of fixes and improvements but also a whole new functionality that will open whole new attack scenarios for MITM, active TCP proxying. If you are a bettercap user, you ...

BetterCap 1.4.4 and the Server Name Indication Mechanism
2016-02-24 16:00:00

We've just released version 1.4.4 and I'd like to explain one of the changelog entries: Fixes #152 : Generating HTTPS certificates on the fly leveraging on SNI mechanism. Issue 152 on GitHub: Currently, only a single HTTPS domain can be proxied wi ...

How To Submit Bugs/Issues Properly
2016-02-18 16:09:00

One of the things I find myself doing most of the times as the lead developer of the project, is replying to bugs submissions and, most of the times, those submissions are incomplete and do not follow the guidelines. For this reason I want to describ ...

How to Use BetterCap HTTPS Proxy Effectively
2016-02-15 13:42:00

This is an outdated post, you will find a newer and correct version of the instructions here. Recently a few users reported some issues using the builtin HTTPS proxy, mostly because there's some confusion around it and its real purpose. The ...

SSL Stripping and HSTS Bypass with BetterCap
2016-02-15 13:42:00

Since version 1.3.0 BetterCap is able to perform SSL stripping and since version 1.3.8 it also performs HSTS bypass, but what are exactly these techniques and how can we use them? SSL Stripping SSL stripping is a technique introduced by Moxie Marlin ...

We Have a New Logo!
2016-02-13 16:05:00

After three months we finally closed Issue #89 "Create a logo/mascot for bettercap." thanks to wootw0rm who provided us a whole new ( and cooler! ) ninja. I'd also like to say thanks to each one of you who contributed with ideas, sug ...

BetterCap for the Good: Inject FireBug Lite to Debug any Web App ( Mobile Too )
2016-02-05 02:02:00

Today I was talking with a friend of mine ( hail Guizzo! ^_^ ), a web developer who's struggling with something every web developer has to face, cross browser compatibility. His main problem was about websites running on mobile browsers that can't be ...

HowTo: BetterCap and the BeEF Exploitation Framework
2016-02-04 18:36:00

A few users asked a simple tutorial about bettercap and the BeEF Framework integration, so here it is. What is BeEF BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing c ...

Deanonymizing Users On Your Network
2016-02-04 16:40:00

A few days ago Mohamed A. Baset ( @SymbianSyMoh ) sent me a tweet asking for my opinion about a javascript module he's been working on, what I saw is a video showing users on his virtual network getting deanonymized by this module which was apparentl ...